The Long and the Short of It: lsof

The shorter a command, the longer the list of support parameters. This rule applies to lsof, one of Charly’s favorite commands.

If you type lsof without parameters, the output is a long list of open files. This outpouring is sorted by PID; thus, it starts with init. On a laptop I was using as a lab machine, the list includes no fewer than 6,778 entries, which is not my understanding of intelligible.

In this issue, sys admin columnist and tool veterinarian Charly Kühnast invites Sysdig, the jack-of-all-trades among system diagnostic tools, into his surgery for a quick checkup. The project promises to unite the functionality of lsof, iftop, netstat, tcpdump, and others.

Well-used services write reams of log information to disk, which is not only bothersome from a storage perspective but also pushes grep and the usual group of statistics tools to their limits. Will hitching the syslog daemon up to a database help?

The graphical tool QPS frees admins from Kafkaesque ambiguities about the cause, history, and side effects of running processes. Depending on the view, either clarity or detailed information dominate the scene.